<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<%@ page import="java.sql.ResultSet" %>
<%@ page import="java.sql.SQLException" %>
<%@ page import="java.sql.Statement" %>
<%@ page import="java.sql.Connection" %>
<%@ page import="java.sql.DriverManager" %>
<%@ page language="java" import="java.lang.*" %>
<%@ page import = "java.sql.SQLException" %>
<%@ page import = "com.seniorproject.aims.*" %>
<%@ page import = "java.util.List" %>
<%@ page import = "java.util.ArrayList"%>
<%@ page import = "java.util.Properties" %>
<%@ page import = "javax.servlet.ServletContext" %>
<%@ page import = "java.io.*" %>
<%@page import="java.util.regex.Matcher"%>
<%@page import="java.util.regex.Pattern"%>

<html>
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
	<title>Add Status</title>
	
	<link rel="stylesheet" type="text/css" href="css/stylev2.css" /> 
	<link rel="stylesheet" type="text/css" href="css/frame2.css" />
	
	<style type="text/css">
		input {
			font-size: 20px;
		}
		select {
			font-size: 20px;
		}
		a {
	      text-decoration:none;
	   	}
	</style>
</head>
<body>

<%
	// get session
	String strUser = String.valueOf(session.getAttribute("sUser"));
	HttpSession htp_session = request.getSession();
			
	// check session
		if (htp_session == null || htp_session.getAttribute("sUser") == null) {
		    // Forward the control to login.jsp if authentication fails or session expires
		    request.getRequestDispatcher("/login.jsp").forward(request,
		        response);
		}
		if(!"admin".equals(htp_session.getAttribute("sUser"))){%>
			<script>alert("This user dont have PERMISSION to access this zone.");</script>
			<meta HTTP-EQUIV="Refresh" CONTENT="0; URL=system_select.jsp"> 	
	<%}
	
	//set Database Connection
	String hostProps = "";
	String usernameProps  = "";
	String passwordProps  = "";
	String databaseProps = "";
	
	try {
		//get current path
		ServletContext servletContext = request.getSession().getServletContext();
		
		InputStream input = servletContext.getResourceAsStream("/properties/connectDB.properties");
		Properties props = new Properties();
		
		props.load(input);
	
		hostProps  = props.getProperty("host");
		usernameProps  = props.getProperty("username");
		passwordProps  = props.getProperty("password");
		databaseProps = props.getProperty("database");
	} catch (Exception e) { 
		out.println(e);  
	}
	
	// connect database
	Connection connect = null;		
	try {
		Class.forName("com.mysql.jdbc.Driver");
	
		connect =  DriverManager.getConnection("jdbc:mysql://" + hostProps  + "/" + databaseProps +
				"?user=" + usernameProps  + "&password=" + passwordProps + "&characterEncoding=tis620");//////"&characterEncoding=tis620" Encoding Thai);
	
		if(connect != null){
			System.out.println("Database Connect Sucesses.");
		} else {
			System.out.println("Database Connect Failed.");	
		}
	
	} catch (Exception e) {
		out.println(e.getMessage());
		e.printStackTrace();
	}
%>

	<div id="page-wrap">
			<div id="inside">
				<table border="0">
					<tr style="font-size:24px">
						<td width="600" height="100" style= "background-color: #273b80;border: 0px ;padding: 0px; 0px;" >
							<div id="header_banner-2"></div>
						</td>
						
						<td width="680" height="100" style= "background-color: #273b80;border: 0px;padding: 0px; 0px;" >
							<p align="right"><label><font size="4" color="#ffffff">username : <%=strUser%>&nbsp;&nbsp;</font></label></p>
							<a href="logout.jsp"><p align="right"><label style="cursor: pointer;"><font size="3" color="#ffffff">log out &nbsp;</font></label></p></a>
						</td>
					</tr>
				</table>
						<div id="main-content-ac">
        					
        					<div class="imageFrame">เพิ่มสถานะของนักศึกษา</div>
							
							<br/><br/><br/><br/><br/><br/>
        					
        					<center>
        					<table width="800" border="0">
        						<form id="form" name="form" method="post" action="">
						       		<tr style="font-size:24px">
						           	  <td width="400" height="50">
						                	<font size="5"><strong>ชื่อสถานะ</strong></font>
						                	<label><font size="5" color="#FF0000">*</font></label>
						                </td>
						                <td width="400" height="50">
						                	<input type="text" name="status" id="status" required/>
						                </td>
						            </tr>
						            
						            <tr>
						            	<td colspan="2">
						            		<label><font size="3" color="#FF0000">หมายเหตุ: * คือ ข้อมูลสำคัญ จำเป็นต้องกรอก</font></label>
						            	</td>
						            </tr>
						                   					            
						             <tr style="font-size:24px">
						            	<td width="400" height="50">
						                	<center><input type="submit" id="save" name="save" value="save" class="buttonStyle"></center>
						                </td>
						        </form>
						                <td width="400" height="50">
						                	<a href="admin_status.jsp"><button class="buttonStyle">cancel</button></a>
						                </td>
						            </tr>
					       </table>
						</center>
						
						<br><br><br>
				
			<div style="clear: both;"></div>
				
			<div id="footer"></div>
			
		</div>		
			<div style="clear: both;"></div>		
   </div>
   
<%
			String checkButton = request.getParameter("save");

			if("save".equals(checkButton)) {
				// get value from tag
				String status = new String(request.getParameter("status").getBytes("ISO8859_1"),"UTF-8");
				
				System.out.println("status :"+status);//////////try/////////////
				
				// check special character
			   	Pattern regex = Pattern.compile("[$&+,:;=?@#^*<>)(|!%]");
			   	Matcher matcherstatus = regex.matcher(status);
			   	if (matcherstatus.find()){
				%>
								<script language="javascript"> alert("กรุณาใส่ตัวอักษรหรือตัวเลขเท่านั้น");	</script>
				<%}else{
				
					if("".equals(status)) {
	%>
						<script type="text/javascript"> alert("กรุณากรอกข้อมูลก่อนค่ะ") </script>
	<%				
					}
					else {
						try {
							// check status name exist
							ResultSet rs = connect.createStatement().executeQuery("SELECT status_name "
														+ " FROM status "
														+ " WHERE status_name='"+status+"'");
							
							rs.last();
							if(rs.getRow() == 1) {
			%>
								<script language="javascript"> alert("สถานะนี้มีอยู่ในระบบแล้ว กรุณากรอกใหม่อีกครั้งค่ะ");	</script>
			<%								
							}
							else {
								String sql = "INSERT INTO `status`(`status_name`)" 
										+" VALUES ('"+ status +"')";
								connect.createStatement().executeUpdate(sql);
									
								/* Log file */
								String log = "admin add status";
								Log.writeAdminFile(log);
								Log.writeAdminFile(sql);
		%>
									<script language="javascript"> alert("บันทึกข้อมูลสำเร็จ");	</script>
									<meta HTTP-EQUIV="Refresh" CONTENT="0; URL=admin_status.jsp">
									
		<%
							}
						} catch (SQLException e) {
							e.printStackTrace();
			%>
							<script language="javascript"> alert("มีข้อผิดพลาดเกิดขึ้น กรุณาลองใหม่อีกครั้งค่ะ");	</script>
			<%
						}
					}
				}
			}
			
			connect.close();
%>

</body>
</html>